Black Hat DC 2010 //sponsors

Hyatt Regency Crystal City • Jan 31 - Feb 3

Platinum Sponsor

Novell offers a compelling set of security management tools. Novell* Sentinel* is an award winning SIEM tool that enables organizations to meet compliance goals and harden their IT environment. Sentinel automates incident identification and resolution based on built-in business rules. With Sentinel*, IT administrators can monitor and track the status of violations and remediation actions, and can quickly identify new trends or attacks across the extended enterprise using virtually any data source.

To simplify compliance with PCI-DSS, Sarbanes-Oxley and other regulations, Novell* Sentinel* Log Manager enables you to collect, store, analyze and manage data logs from all across your enterprise. It is a powerful log management solution that lights a clear path to complete, real-time security information and event management.

Palantir is the industry-leading software platform for data analytics. Our enterprise analytic platform ensures a secure collaborative environment where users can ingest structured and unstructured data. Inside the platform, analysts perform link analysis, query broader networks around specific entities, search across massive data repositories, and disseminate new knowledge to the enterprise in an intuitive and seamless manner. Exporting this knowledge into the Palantir XML format puts previously disorganized data points into a structured format, where a Palantir investigation can port to other programs or other Palantir instances.

Gold Sponsors

ArcSight (NASDAQ:ARST) is a leading global provider of compliance and security management solutions that protect enterprises and government agencies. ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. The ArcSight platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize, and respond to compliance violations, policy breaches, cybersecurity attacks, and insider threats. For more information, visit www.arcsight.com.

Berico Technologies provides analytical and information technology/software development services to the U.S. Government and the private sector in support of high-visibility, complex projects. Berico’s mission is to provide top quality, innovative solutions to the toughest national security challenges through a combination of tailored products and services.

Berico Technologies is actively seeking Full Scope Poly cleared C/C++ and Java Developers in the DC/NOVA/MD area with expert knowledge in the fields of R&D, reverse engineering, malware analysis and embedded development. We are looking for team members who are passionate about learning new technologies and further developing their technical skill set to support our cutting-edge projects for the Intelligence and Defense communities.

Fortify® Software is the leader in the category of Software Security Assurance. We provide unique security solutions that protect government agencies from today’s greatest security risk: the software that runs their agencies.

Government organizations throughout the US and across the globe are experiencing dramatic increases in the quantity and sophistication of cyber crime attacks. The hackers include foreign governments, organized crime, and even individuals. As a result of the recent increase, several compliance regulations, such as FISMA, have been developed to help government agencies understand what steps need to be taken. However most agencies find they must go beyond FISMA to ensure they are protecting the software that runs their agencies and the securing their confidential data.

Fortify offers a comprehensive suite of solutions, which enables an agency to conduct static analysis of an application’s source code, dynamic analysis of a running application, and real time monitoring and protection for a deployed application. No other company offers all three of these solutions in one integrated platform. Fortify is trusted by more government agencies than any other application security company and is leading the industry in vulnerability research, tool development, and deployment practices.

Crucial Security Programs is developing advanced digital media exploitation technologies that enable reductions in processing time, greater processing efficiency, and faster access to actionable intelligence. We have over nine years of experience engineering and managing automated solutions for media exploitation on a large scale and provide continuing support to government customers in this and related IA/IO areas. Crucial Security works in a results-oriented partnership with our customers—making their mission, our mission.

Intel SOA Expressway

SOA Expressway is a gateway soft-appliance deployed to address common XML and SOA problem areas such as acceleration, security, service mediation and runtime service governance. SOA Expressway is available for any organization deploying services (SOA), hosted services (SaaS) or Web 2.0 (RIA). Available for standard operating systems such as Windows and Linux and requires no special custom hardware other than standard OEM servers.

For DoD of federal deployments, SOA Expressway can be deployed as a tamper proof hardware appliance with external crypto processing delivered by a Hardware Security Module. SOA expressway has the certifications, performance benchmarks, and scalability demanded by federal high assurance deployments.

SOA Expressway delivers:

Service Governance: Runtime governance for enforcing service policies & reporting

Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Headquartered in Seattle, WA, with locations around the world, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, router, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, Tiller Beauchamp, Ward Spangenberg, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack.

With the majority of IOActive’s customers ranked in the top 30% of the Fortune 500, IOActive is positioned and well experienced to handle a variety of security needs. IOActive has:

Worked on IT disaster recovery and business continuity planning for major insurance companies, state organizations, and energy companies

Developed and delivered secure application development programs based upon OWASP's top ten vulnerabilities, and application and network threat modeling methodologies to major software and telecommunication companies

Helped various Fortune 500 organizations with services ranging from enterprise risk management to independent technical validations of security hardware and a wide range of applications

In today's world, the need to protect an organization's information and operating systems from attack is of critical importance. Johns Hopkins University's Master of Science in Information Assurance provides students with the technical foundations and applied knowledge necessary to defend information assets from technically sophisticated adversaries.

EP faculty, students, alumni, and partners form a community of experts that prepares students to become leaders in technology and innovation and to apply that expertise to their organizations’ success. Classes held on weekday evenings and Saturdays, at eight campuses within the Baltimore/Washington, D.C. corridor, and online. With more than 2,700 enrolled students and over 400 faculty members from the JHU Whiting School of Engineering, the JHU Applied Physics Laboratory, and many private and government organizations, Johns Hopkins Engineering for Professionals is the largest part-time graduate engineering program in the country.

LogLogic® is the leader in log and security management solutions. Supported by more than 200 partners and trusted by more than 1,000 customers worldwide, LogLogic solutions provide visibility and control to any IT infrastructure so that organizations can significantly improve security, compliance and network performance. LogLogic's open log management platform enables customers to collect, search, and store massive amounts of IT log data for a comprehensive fingerprint of activity. LogLogic’s business applications correlate user activities and event data in real-time for an integrated approach to security event management, database security management, security change management and compliance management, resulting in improved accountability and lower costs for any organization.

"How vulnerable is the Internet and each one of us who depends on it?"

The Lookingglass team set out to answer these questions. In the process, Lookingglass developed a solution that will change the way cyber professionals view, analyze and act on Internet activity. ScoutVisionTM offers features delivered in modules unique to Enterprise Security Management, Critical Infrastructure Protection, Cyber Defense, Cyber Intelligence, and Investigative Analysis applications.

ScoutVision™ provides a dynamic view of the world’s enterprise and Internet activity. By fusing data from various proprietary sources and partnerships, ScoutVision™ is the only solution that provides analysis and visualization of logical (IP routing), physical (geo-location) and transit medium (fiber, satellite) topology. Features include:

Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.

Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.

Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.

netForensics security information and event management solutions enable organizations of all sizes to rapidly identify and respond to threats and adhere to ever-changing compliance regulations. Our software and appliance products collect and centralize volumes of event log data to deliver accurate, actionable, real-time security intelligence. netForensics offers its award-winning nFX Cinxi One, recognized for its ease of deployment and management, and the industry’s only solution that combines security information management (SIM) and log management on one appliance. For over a decade, our nFX SIM One software solution has helped enterprises, managed service providers, and government agencies around the world to manage risk, protect their assets, and maintain compliant operations. For more information visit: http://www.netforensics.com

NetWitness® Corporation is the world leader in network forensics and automated threat intelligence solutions, helping government and commercial organizations discover, prioritize and remediate complex IT risks. NetWitness solutions concurrently solve a wide variety of information security problems including: advanced persistent threat management; sensitive data discovery and advanced data leakage detection; malware activity discovery; insider threat management; policy and controls verification and e-discovery. Originally developed for the US Intelligence Community, NetWitness has evolved to provide enterprises around the world with breakthrough methods of network content analysis and host-based risk discovery and prioritization. NetWitness customers include Defense, National Law Enforcement and Intelligence Agencies, Top US and European Banks, Critical Infrastructure, and Global 1000 organizations. NetWitness has offices in the U.S. and the U.K. and partners throughout North and South America Europe, the Middle East, and Asia.

We specialize in highly integrated computing platforms based on Field Programmable Gate Array (FPGA) technologies. We offer standard and custom products, and we provide consulting and engineering services. We are the experts in FPGA-accelerated algorithms for data security.

Pico Computing E-Series cards are designed to be easy to use, fast to deploy, and scalable. Use a single E-Series card for rapid algorithm prototyping. Deploy your application as an embedded system, or scale to multiple FPGAs using an SC-Series FPGA cluster.

Pico EX-Series boards offer high performance for the most demanding data security applications. Deploy multiple EX-Series boards in a rack-mounted cluster for truly amazing levels of password cracking performance. Our latest FPGA computing board, the Pico EX-500, can be equipped with up to 12 Xilinx FPGAs on a single, 16-lane PCI Express card. Up to 11 EX-500 cards can be installed in a standard 4U rack mounted chassis.

Pico Computing is headquartered in Seattle, Washington and has customers worldwide. For more information or to request a free Data Security White Paper, visit www.picocomputing.com.

Qualys, Inc. is the leading provider of on demand IT security risk and compliance management solutions – delivered as a service. Qualys’ Software-as-a-Service solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.

The QualysGuard® service is used today by more than 4,000 organizations in 85 countries, including 40 of the Fortune Global 100 and performs more than 200 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a Fortune Global 50 company.

RedSeal Network Advisor is automated security posture management software for network security. Every day, it gathers the configurations of all your network devices: firewalls, routers, load balancers, and more. It analyzes how the rules on all of these devices work together to defend business assets on your network. RedSeal validates this access control against both regulations and your own security policies to quickly identify mistakes and oversights that create potential attack paths. The result: you get the security you expected when you invested in your network devices in the first place.

RedSeal Vulnerability Advisor transforms scanning into actionable vulnerability management. Tightly integrated with and leveraging RedSeal Network Advisor’s network analysis, Vulnerability Advisor combines access information with your vulnerability scans. It identifies vulnerabilities that are exposed to un-trusted networks and those that are protected to generate a prioritized list of the vulnerabilities that pose the greatest business risk. Finally, RedSeal identifies gaps in your scanning so you know where to extend coverage to be secure.

Research In Motion Limited is a leading designer, manufacturer, and marketer of innovative wireless solutions for the worldwide mobile communications market. Through the development of integrated hardware, software, and services that support multiple wireless network standards, RIM provides platforms and solutions for seamless access to time-sensitive information including email, phone, SMS messaging, Internet and intranet-based applications. RIM technology also enables a broad array of third-party developers and manufacturers to enhance their products and services with wireless connectivity to data. RIM’s portfolio of award-winning products, services, and embedded technologies are used by thousands of organizations around the world and include the BlackBerry® wireless platform, the RIM Wireless Handheld™ product line, software development tools, radio-modems, and software/hardware licensing agreements. Founded in 1984 and based in Waterloo, Ontario, RIM operates offices in North America, Europe, and Asia Pacific.

Rovi Corporation delivers technology solutions that enable consumers to intuitively connect and discover to new entertainment content from many sources and locations. The company provides industry leading interactive media and program guides; a catalog of entertainment metadata; advanced media recognition solutions and industry standard networking technologies for the discovery of new media. These solutions are deployed by companies working to create a more cohesive entertainment experience for the consumers.
More information about Rovi can be found at www.rovicorp.com.

Rsignia, Inc. is the industry leader in providing network security, protection, and digital assets monitoring and management. Through superior engineering, we provide custom solutions that address new and emerging security issues including lawful intercept and data forensics. We take a full large scale systemic architecture approach, with full understanding of front end data acquisition, to signal processing, storage, record and session replay, to real-time analysis, post replay, to threat detection methods, as well as implementing required data center necessities such as power and cooling; a comprehensive solution which fit your specific needs and requirements.

SAINT Corporation, a global leader in network security, offers the first integrated vulnerability assessment and penetration testing. Examine your network with the SAINT vulnerability scanner, and expose where an attacker could breach your network. Go to a higher level of visibility with the SAINTexploit™ penetration testing tool and exploit the vulnerability to prove its existence without a doubt.
The SAINT scanner and penetration testing tools are fully integrated within the same interface, making it easy to determine where to begin remediation—with the exploitable vulnerabilities found by the scanner.

WebSAINT, the online SaaS (Software as a Service) vulnerability scanner is ideal for organizations that need to perform vulnerability scans or meet PCI ASV third party quarterly scanning requirements. WebSAINT Pro, is the online SaaS solution that includes vulnerability scanning, penetration testing, and Web application scanning along with the full functionality of the award winning SAINT scanner and exploit technology.

SecureWorks is a market leading provider of world-class information security services with over 2,600 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, SecureWorks has also won SC Magazine's "Best Managed Security Service" award for 2006, 2007, 2008 & 2009 and has been named to the Inc. 500, Inc. 5000 and the Deloitte lists of fastest-growing companies.

Solera Networks develops high-speed active network forensics solutions for both physical and virtual networks. These solutions are unmatched in speed and scalability—capturing, indexing, searching, and replaying all network traffic, even in 10Gb environments. The Solera Networks architecture provides open platform interoperability, extensible storage, and portability. These capabilities enable security professionals to quickly identify the source of any attack, remediate, and fortify against further risk.

Using their groundbreaking technology, Solera Networks also provides a suite of lossless traffic capture, index, storage and search products that can be used to strengthen Cybersecurity:

Solera DS™ Capture Appliances – Full network capture (both packet header and payload), up to 10Gbps with onboard storage up to 16TB

DS SAN – Add to Solera DS Appliances to expand and scale to any storage need.

Solera Virtual Appliance – The only virtual capture appliance in the market that provides full capture, indexing, and replay for complete visibility within virtual environments.

Solera APIs – Solera Networks offers REST-based APIs to allow third-party network analysis tool providers to directly integrate into Solera DS capture and network forensics appliances. With the REST APIs, these tools can make direct calls to the Solera DS file system and interface to provide full context to any security event.

Splunk was born from our founders’ frustration in managing and securing some of the world's largest IT infrastructures. Armed with state-of-the-art IT tools, they found it nearly impossible to locate the root cause of problems, investigate security attacks and assemble all the data required for compliance audits. Their conclusion: the silo approach to managing IT, with separate tools for every technology and IT function, was cumbersome, costly and didn't scale.

So, they founded Splunk to develop a new approach. The concept is simple. If Google can index and let users instantly search billions of pages of Web content, why not do the same for the datacenter? This new approach, called IT Search, is changing the way we manage, secure and audit IT infrastructures. Using Splunk IT Search software, organizations can now search and analyze all their IT data from one place in real time.

With Splunk, they can now troubleshoot outages, investigate security incidents and demonstrate compliance in minutes, instead of hours or days. Splunk arms IT with a new level of visibility and insight to protect critical resources, increase productivity and deliver improved service quality. Download a free version of Splunk today: http://www.splunk.com/download

SRA is a leading provider of information technology and strategic consulting services for government organizations serving the national security, civil government and global health markets. A trusted leader in cyber security, SRA operates some of the largest security operations centers within the U.S. federal government. Through SRA One Vault™ – our end-to-end cyber security solution suite – combine leading-edge technologies, proven methodologies and multi-disciplined cyber expertise to provide our clients with a proactive approach that enables them to stay ahead of today’s most sophisticated cyber threats while minimizing the gap to exposure. SRA One Vault...Intelligent Cyber Security.

StillSecure delivers comprehensive network security that protects organizations from the perimeter to the endpoint. Offering both products and managed security services, StillSecure enables customers to affordably deploy the optimal blend of technologies for locking down their assets and complying with security policies and regulations. StillSecure customers range from mid-market companies to the world’s largest enterprises and agencies in government, financial services, healthcare, education and technology. For more information please call (303)381-3830 or visit http://www.stillsecure.com

Trustwave is the leading provider of on-demand and subscription-based
information security and compliance management solutions to businesses and
government entities throughout the world. Trustwave has helped thousands of
organizations ranging from Fortune 500 businesses and large financial
institutions to small and medium-sized retailers manage compliance and
secure their network infrastructure, data communications and critical
information assets.

SpiderLabs is Trustwave's advanced security team responsible for incident
response & forensics, penetration testing and application security for
Trustwave's clients. In addition, the team provides intelligence and
research to enhance Trustwave's product and service offerings through
real-world experience. SpiderLabs has responded to hundreds of security
incidents, performed thousands of penetration tests, and security tested
hundreds of business applications for the organizations ranging from the
largest companies in the world to nimble startups. Members of SpiderLabs
are frequently asked to speak at security conferences around the world
including Black Hat, DEFCON, OWASP, SANS, SecTor, ShmooCon, SOURCE, ToorCon,
and YSTS.

Trustwave is headquartered in Chicago with offices throughout North America,
South America, Europe, Africa, Asia and Australia.